1apiVersion: networking.k8s.io/v1
2kind: Ingress
3metadata:
4 name: postgrest
5 annotations:
6 kubernetes.io/ingress.allow-http: "false"
7 kubernetes.io/ingress.class: gce
8 kubernetes.io/ingress.global-static-ip-name: postgrest-ip
9 networking.gke.io/managed-certificates: postgrest-cert
10 networking.gke.io/v1beta1.FrontendConfig: ncr-default
11spec:
12 defaultBackend:
13 service:
14 name: postgrest
15 port:
16 number: 8080
17 rules:
18 - http:
19 paths:
20 - backend:
21 service:
22 name: postgrest
23 port:
24 number: 8082
25 path: /ready
26 pathType: ImplementationSpecific
27 - backend:
28 service:
29 name: pgrstoauth
30 port:
31 number: 8080
32 path: /oauth/token
33 pathType: ImplementationSpecific
34---
35apiVersion: networking.gke.io/v1beta1
36kind: FrontendConfig
37metadata:
38 name: ncr-default
39spec:
40 redirectToHttps:
41 enabled: true
42 sslPolicy: ncr-default
43---
44apiVersion: networking.gke.io/v1
45kind: ManagedCertificate
46metadata:
47 name: postgrest-cert
48spec:
49 domains:
50 - sovereign.${domain}
51---
52apiVersion: cloud.google.com/v1
53kind: BackendConfig
54metadata:
55 name: postgrest
56spec:
57 healthCheck:
58 type: HTTP
59 port: 8082
60 checkIntervalSec: 10
61 healthyThreshold: 1
62 requestPath: /ready
63 iap:
64 enabled: true
65 oauthclientCredentials:
66 secretName: iap-oauth
67---
68apiVersion: cloud.google.com/v1
69kind: BackendConfig
70metadata:
71 name: pgrstoauth
72spec:
73 iap:
74 enabled: true
75 oauthclientCredentials:
76 secretName: iap-oauth
View as plain text